Browser fingerprinting is performing a series of tests to attempt to uniquely identify a browser and the machine from which it is being used. If one is able to fingerprint a browser, then one may reasonably assume that the person using the machine is consistent. The ability to fingerprint punches a huge hole in various techniques used to maintain privacy or anonymity while browsing.

Here is more information from EFF:

• EFF Research Shows More Than 8 in 10 Browsers Have Unique, Trackable Signatures
• Browser Uniqueness White Paper
• How unique is your browser?

Some of the bits of information that your browser exposes to allow it be be fingerprinted include:

• Browser plugins
• Installed system fonts

These bits of information are only available using javascript. Disabling javascript certainly does enhance your privacy but it also negatively impacts your online experience.

This is an area that requires more research and the development of anti-fingerprinting techniques.

For more on Zeus, see this Wikipedia article.

As always; keep your software updated, use anti-malware detection software, use a well-configured firewall when accessing public Internet access point, and use common sense to recognize phishing attempts.

In the meantime, you can protect yourself somewhat and still use Acrobat Reader. These steps do not guarantee your safety but do reduce your risk profile.

Disable Javascript

Many of the attack vectors are related to the use of javascript, so the obvious solution is to disable javascript. Follow these steps:

1. Open Acrobat Reader
2. Open the ‘Preferences’ dialog from the menu Edit > Preferences
3. Uncheck the Enable Acrobat Javascript from the ‘General’ or ‘Javascript’ tab
4. Save your changes

Prevent the Display of Acrobat Documents in the Browser

This prevents malicious links from displaying a PDF in you browser. Combined with the next recommendation, it also forces you to be more aware of the files you are about to view.

1. Open Acrobat Reader
2. Open the ‘Preferences’ dialog from the menu Edit > Preferences
3. Uncheck the Display PDF in Browser from the ‘Internet’ tab
4. Save your changes

Prevent Internet Explorer from automatically opening PDF documents

This step involves editing your registry file and is usually reserved for advanced users. Please make a backup of your registry before completing this step.

1. Start the registry editor (regedit)
2. You will be modifying 2 key values, so navigate to these branches:
   • HKEY_CLASSES_ROOT\AcroExch.Document.7
   • HKEY_CLASSES_ROOT\AcroPDF.PDF.1
3. In each branch, modify the key EditFlags. The new value should be:
   • 00 00 00 00 (REG_BINARY)
4. Save your changes.

If regedit refuses to save your changes, you may need to modify the permissions on the branch. Do this by right-clicking.

Do Not Open Untrusted PDF Documents

If you do not know who the PDF is from or are unexpectly asked to open a PDF, just say no.

The Ten Dumbest Things People Do to Mess Up Their Computers

1. Plug into the Wall without Surge Protection
2. Surf the Internet without a Hardware Firewall and a Software Firewall
3. Turn off the Antivirus Because It Slows Down Your System
4. Install and Uninstall Lots of Programs, Especially Freeware
5. Keep Your Hard Drive Full and Fragmented
6. Open All Email Attachments
7. Click on Everything
8. Believe that Macs Don’t Get Viruses
9. Use Easy, Quick passwords
10. Don’t Bother with Backups

Now I’m certain that somebody will deliver a comedic version of this list but the ten items listed here are things to make certain YOU do not do.

It has been some time since I distributed the last report. The information contained herein is still relevant for all users.